CVE-2025-61037

Name of the Vulnerable Software and Affected Versions SevenCs ORCA G2 version 2.0.1.35 (EC2007 Kernel v5.22)

Description A local privilege escalation issue exists due to a Time-of-Check Time-of-Use (TOCTOU) race condition in the license management logic. The regService process, running with SYSTEM privileges, creates a fixed directory and writes files without verifying if the path is an NTFS reparse point. An attacker can replace the target directory with a junction pointing to a user-controlled path, causing the SYSTEM-level process to write binaries to a location controlled by the attacker, enabling arbitrary code execution with SYSTEM privileges. This can be exploited by a standard user with a single User Account Control (UAC) confirmation.

Recommendations Update to a newer version that contains a fix for this vulnerability.